// @login  & regiter 
const express = require('express')
const router = express.Router()
const User = require('../../models/User')
const bcrypt = require('bcrypt');
const gravatar = require('gravatar');
const jwt = require('jsonwebtoken');
const keys = require('../../config/keys');
const passport = require('passport');


// $route GET api/user/test
// @desc 返回的json数据
// @access public
router.get("/test", (req, res) => {
    res.json({msg: "login works"})
})


// $route POST api/user/register
// @desc 返回的json数据
// @access public
router.post("/register", (req, res) => {
    //console.log(req.body)

    //查询数据库中是否拥有邮箱
    User.findOne({email: req.body.email})
        .then((user)=> {
            if(user) {
                return res.status(400).json('邮箱已被注册！')
            }else{
                const avatar = gravatar.url(req.body.email, {s: '200', r: 'pg', d: 'mm'});

                const newUser = new User({
                    name: req.body.name,
                    email: req.body.email,
                    avatar,
                    password: req.body.password,
                    identity: req.body.identity
                })

                bcrypt.genSalt(10, function(err, salt) {
                    bcrypt.hash(String(newUser.password), salt, (err, hash) => {
                        if (err) throw err;

                        newUser.password = hash;
                        newUser.save()
                            .then((user)=>res.json(user))
                            .catch(err=> console.log(err))
                    });
                });
            }
        })
})


// $route POST api/user/login
// @desc 返回token jwt passport
// @access public
router.post('/login', (req, res)=>{

    const email = req.body.email
    const password = req.body.password

    User.findOne({email})
        .then((user)=>{
            if (!user) {
                return res.status(400).json("用户不存在！");
            } 

            //密码匹配
            bcrypt.compare(password, user.password)
                .then(isMatch => {
                    if(isMatch) {
                        const rule = {
                            id: user.id,
                            name: user.name,
                            avatar: user.avatar,
                            identity: user.identity
                        }
                        jwt.sign(rule, keys.secretOrkey, {expiresIn: 36000}, (err, token)=>{
                            if(err) throw err;
                            res.json({
                                success: true,
                                token: "bearer " + token
                            })
                        })

                    } else {
                        return res.status(400).json("密码错误!")
                    }
                })
        })


})


// $route GET api/user/current
// @desc return
// @access Private

router.get('/current', passport.authenticate("jwt", {session: false}), (req, res) => {
    res.json({
        id: req.user.id,
        name: req.user.name,
        email: req.user.email,
        identity: req.user.identity
    })
})

module.exports = router;